Real-Time SoC Security against Passive Threats Using Crypsis Behavior of Geckos
TL;DR: This work seeks refuge to the crypsis behavior exhibited by geckos in nature to generate a runtime security technique for SoC architectures, which can bypass runtime passive threats of a HTH.
Abstract: The rapid evolution of the embedded era has witnessed globalization for the design of SoC architectures in the semiconductor design industry. Though issues of cost and stringent marketing deadlines have been resolved in such a methodology, yet the root of hardware trust has been evicted. Malicious circuitry, a.k.a. Hardware Trojan Horse (HTH), is inserted by adversaries in the less trusted phases of design. A HTH remains dormant during testing but gets triggered at runtime to cause sudden active and passive attacks. In this work, we focus on the runtime passive threats based on the parameter delay. Nature-inspired algorithms offer an alternative to the conventional techniques for solving complex problems in the domain of computer science. However, most are optimization techniques and none is dedicated to security. We seek refuge to the crypsis behavior exhibited by geckos in nature to generate a runtime security technique for SoC architectures, which can bypass runtime passive threats of a HTH. An adaptive security intellectual property (IP) that works on the proposed security principles is designed. Embedded timing analysis is used for experimental validation. Low area and power overhead of our proposed security IP over standard benchmarks and practical crypto SoC architectures as obtained in experimental results supports its applicability for practical implementations.
Citations
More filters
TL;DR: This work explores how power draining ability of HTHs may reduce lifetime of the system and an offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime ofThe system.
Abstract: The present era has witnessed deployment of reconfigurable hardware or field-programmable gate arrays (FPGAs) in diverse domains like automation and avionics, which are cyber physical in nature. Such cyber physical systems are associated with strict power budgets. Efficient real-time task-scheduling strategies exist that ensure execution of maximum number of tasks within the power budget. However, these do not consider hardware threats into account. Recent literature has exposed the existence of hardware trojan horses (HTHs). HTHs are malicious circuitry that remain dormant during testing and evade detection, but get activated at runtime to jeopardize operations. HTHs can be etched into the FPGA fabric by adversaries in the untrustworthy foundries, during fabrication of the FPGAs. Even vendors selling reconfigurable intellectual properties or bitstreams that configure the FPGA fabric for task operation may insert HTHs during writing the bitstream codes. HTHs may cause a variety of attacks which may affect the basic security primitives of the system like its integrity, confidentiality or availability. In this work, we explore how power draining ability of HTHs may reduce lifetime of the system. A self-aware approach is also proposed which detects the affected resources of the system and eradicates their use in future to facilitate system reliability. An offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime of the system. Accommodating non-periodic tasks in the periodic task schedule based on available power is also focused. For experimentation, we consider tasks associated with EPFL benchmarks and demonstrate results based on the metric task success rate for periodic tasks and metric task rejection rate for non-periodic tasks.
9 citations
TL;DR: Self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured.
Abstract: The semiconductor design industry of the embedded era has embraced the globalization strategy for system on chip (SoC) design. This involves incorporation of various SoC components or intellectual properties (IPs), procured from various third-party IP (3PIP) vendors. However, trust of an SoC is challenged when a supplied IP is counterfeit or implanted with a Hardware Trojan Horse. Both roots of untrust may result in sudden performance degradation at runtime. None of the existing hardware security approaches organize the behavior of the IPs at the low level, to ensure timely completion of SoC operations. However, real-time SoC operations are always associated with a deadline, and a deadline miss due to sudden performance degradation of any of the IPs may jeopardize mission-critical applications. We seek refuge to the stigmergic behavior exhibited in insect colonies to propose a decentralized self-aware security approach. The self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured. Experimental validation and low overhead of our proposed security modules over various benchmark IPs and crypto SoCs depict the prospects of our proposed mechanism.
7 citations
Cites background from "Real-Time SoC Security against Pass..."
...Mitigating passive threats via on-chip self-awareness was demonstrated in Guha et al. (2015, 2017b)....
[...]
...…various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....
[...]
...However, for causing an infinite delay, the payload may be composed of a simple loop architecture with a buffer inside, where for each operation, one unit of delay is caused and the progress is never made (Guha et al. 2017a)....
[...]
...Other than outsourcing the various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....
[...]
...Passive threats affect the confidentiality of the system (e.g., leakage of secret information) (Guha et al. 2017b)....
[...]
TL;DR: PMPGuard, a mechanism that detects the presence of hardware Trojans in Third Party Intellectual Property cores of PMPSoCs by continuous monitoring and testing and recovers the system by switching the infected processor core with another one, is presented.
Abstract: Multiprocessor System-on-Chip (MPSoC) has become necessary due to the the billions of transistors available to the designer, the need for fast design turnaround times, and the power wall. Thus, present embedded systems are designed with MPSoCs, and one possible way MPSoCs can be realized is through Pipelined MPSoC (PMPSoC) architectures, which are used in applications from video surveillance to cryptosystems. Hardware Trojans (HTs) on PMPSoCs are a significant concern due to the damage caused by their stealth. An adversary could use HTs to extract secret information (data leakage) to modify functionality/data (functional modification) or make PMPSoCs deny service. In this article, we present PMPGuard, a mechanism that (1) detects the presence of hardware Trojans in Third Party Intellectual Property (3PIP) cores of PMPSoCs by continuous monitoring and testing and (2) recovers the system by switching the infected processor core with another one. We designed, implemented, and tested the system on a commercial cycle accurate multiprocessor simulation environment. Compared to the state-of-the-art system-level techniques that use Triple Modular Redundancy (TMR) and therefore incur at least 3× area and power overheads, our proposed system incurs about 2× area and 1.5× power overheads without any adverse impact on throughput.
6 citations
Cites background from "Real-Time SoC Security against Pass..."
...hardware Trojan is small, the increase in the side-channel parameters is too small to detect [14]....
[...]
...However, the side-channel-based techniques are ineffective when the size of the hardware Trojans is negligible when compared to the size of the SoC [14]....
[...]
28 Jun 2018
TL;DR: A self aware approach for facilitating runtime security from integrity attacks or erroneous result generation due to HTHs is proposed, which overcomes the limitations of the existing redundancy based approach.
Abstract: Globalization of the modern semiconductor design industry has evicted the hardware root of trust. Security principles are compromised at runtime due to the implantation of malicious circuitry or Hardware Trojan Horse (HTH) in the vulnerable stages of System on Chip (SoC) design, from less trusted third parties. Runtime security from integrity attacks or erroneous result generation due to HTHs is the focus of this work. The prevailing techniques adopt a redundancy based approach. Several limitations are associated with the redundancy based approach like inability to perform multitasking in a multitasking environment, inability to adapt to aging, use of fault diagnosis even in normal scenario and severe overhead in area and power. Incorporation of observe, decide and act (ODA) paradigm in the design of a SoC makes it self aware. We propose a self aware approach for facilitating runtime security, which overcomes the limitations of the existing redundancy based approach. Low overhead in area and power and better throughput than the redundancy based approaches as observed in experimental results aid its application for practical scenarios.
4 citations
16 Nov 2020
TL;DR: In this paper, the authors analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system.
Abstract: Deployment of reconfigurable hardware or field programmable gate arrays (FPGAs) in cloud platforms is the modern trend. Practical scenarios include Amazon’s EC2 F1 cloud services, Microsoft’s Project Catapult and many others. Efficient task scheduling algorithms exist that can ensure green computing, i.e. order the operation of user tasks in the available FPGAs in such a manner that the power dissipated is optimum. But recent literature has exhibited eradication of the hardware root of trust, which is not taken into account by the existing task scheduling algorithms that can facilitate green computing. In this work, we analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system. Thus, are difficult to detect but may hamper the system due to unnecessary high power dissipation. We also develop a suitable runtime task scheduling algorithm which schedules the tasks at runtime based on the dynamic status of the resources, such that the power dissipation incurred at runtime is optimum. Finally, we also propose a mechanism via which we can detect affected cloud resources based on the runtime operations. We validate our proposed methodology via simulation based experiments.
1 citations
References
More filters
06 Aug 2002
TL;DR: A concept for the optimization of nonlinear functions using particle swarm methodology is introduced, and the evolution of several paradigms is outlined, and an implementation of one of the paradigm is discussed.
Abstract: A concept for the optimization of nonlinear functions using particle swarm methodology is introduced. The evolution of several paradigms is outlined, and an implementation of one of the paradigms is discussed. Benchmark testing of the paradigm is described, and applications, including nonlinear function optimization and neural network training, are proposed. The relationships between particle swarm optimization and both artificial life and genetic algorithms are described.
35,104 citations
01 Feb 1996
TL;DR: It is shown how the ant system (AS) can be applied to other optimization problems like the asymmetric traveling salesman, the quadratic assignment and the job-shop scheduling, and the salient characteristics-global data structure revision, distributed communication and probabilistic transitions of the AS.
Abstract: An analogy with the way ant colonies function has suggested the definition of a new computational paradigm, which we call ant system (AS). We propose it as a viable new approach to stochastic combinatorial optimization. The main characteristics of this model are positive feedback, distributed computation, and the use of a constructive greedy heuristic. Positive feedback accounts for rapid discovery of good solutions, distributed computation avoids premature convergence, and the greedy heuristic helps find acceptable solutions in the early stages of the search process. We apply the proposed methodology to the classical traveling salesman problem (TSP), and report simulation results. We also discuss parameter selection and the early setups of the model, and compare it with tabu search and simulated annealing using TSP. To demonstrate the robustness of the approach, we show how the ant system (AS) can be applied to other optimization problems like the asymmetric traveling salesman, the quadratic assignment and the job-shop scheduling. Finally we discuss the salient characteristics-global data structure revision, distributed communication and probabilistic transitions of the AS.
11,224 citations
"Real-Time SoC Security against Pass..." refers background in this paper
...ACO is based on the action of ants where finding optimal solutions is the objective in a space comprising all possible solutions [Dorigo et al. 1996]....
[...]
01 Dec 2009
TL;DR: A new meta-heuristic algorithm, called Cuckoo Search (CS), is formulated, based on the obligate brood parasitic behaviour of some cuckoo species in combination with the Lévy flight behaviour ofSome birds and fruit flies, for solving optimization problems.
Abstract: In this paper, we intend to formulate a new meta-heuristic algorithm, called Cuckoo Search (CS), for solving optimization problems. This algorithm is based on the obligate brood parasitic behaviour of some cuckoo species in combination with the Levy flight behaviour of some birds and fruit flies. We validate the proposed algorithm against test functions and then compare its performance with those of genetic algorithms and particle swarm optimization. Finally, we discuss the implication of the results and suggestion for further research.
5,521 citations
Additional excerpts
...DOI: http://dx.doi.org/10.1145/3014166...
[...]
01 Jan 2005
5,265 citations
"Real-Time SoC Security against Pass..." refers methods in this paper
...Similarly, ABC algorithm is based on the foraging behaviour of honey bees, which is used to explore new regions in the search space [Karaboga 2005]....
[...]
...DOI: http://dx.doi.org/10.1145/3014166...
[...]
TL;DR: A classification of hardware Trojans and a survey of published techniques for Trojan detection are presented.
Abstract: Editor's note:Today's integrated circuits are vulnerable to hardware Trojans, which are malicious alterations to the circuit, either during design or fabrication. This article presents a classification of hardware Trojans and a survey of published techniques for Trojan detection.
1,227 citations